package com.lucun.es_transaction.util;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.lucun.es_transaction.entity.User;

import javax.servlet.http.HttpServletRequest;
import java.util.Date;

public class JwtUtil {
    /*
        过期时间为24小时，毫秒计时的---毫秒--》秒--》分--》小时--》天
        private static final long EXPIRE_TIME= 60 * 24 * 60 * 1000;
     */
    //1小时
    private static final long EXPIRE_TIME=  60 * 1000 * 60;

    /**
     * 密钥，注意这里如果真实用到，应当设置到复杂点，相当于私钥的存在。如果被人拿到，相当于它可以自己制造token了。
     */
    private static final String TOKEN_SECRET="token-gx";  //密钥盐
    /**
     * 签名生成
     * @param user
     * @return
     */
    public static String sign(User user){

        String token = null;
        try {
            Date expiresAt = new Date(System.currentTimeMillis() + EXPIRE_TIME);
            token = JWT.create()
                    .withClaim("id",user.getId())
                    .withClaim("number", user.getNumber())
                    .withClaim("phone", user.getPhone())
                    .withClaim("username", user.getUsername())
                    .withClaim("role", user.getRole())
                    .withClaim("salt", user.getSalt())
                    .withExpiresAt(expiresAt)
                    // 使用了HMAC256加密算法。
                    .sign(Algorithm.HMAC256(TOKEN_SECRET));
        } catch (Exception e){
            e.printStackTrace();
        }
        return token;
    }

    /**
     * 签名验证
     * @param token
     * @return
     */
    public static boolean verify(String token){
        try {
            JWTVerifier verifier = JWT.require(Algorithm.HMAC256(TOKEN_SECRET)).build();//自定义的
            DecodedJWT jwt = verifier.verify(token);
            System.out.println("认证通过：");
            System.out.println("phone: " + jwt.getClaim("phone").asString());
            System.out.println("role: " + jwt.getClaim("role").asString());
            System.out.println("number: " + jwt.getClaim("number").asString());
            System.out.println("过期时间：" + jwt.getExpiresAt());
            return true;
        } catch (Exception e){
            return false;
        }
    }

    /**
     * @Author lsc
     * <p> 获得权限 </p>
     * @Param [request]
     * @Return java.lang.String
     */
    public static String getRoleByToken(HttpServletRequest request)  {
        String token = request.getHeader("token");
        DecodedJWT jwt = JWT.decode(token);
        return jwt.getClaim("role").asString();
    }

    public static int getIdByToken(HttpServletRequest request)  {
        String token = request.getHeader("token");
        DecodedJWT jwt = JWT.decode(token);
        return  jwt.getClaim("id").asInt();
    }

    public static String getNumberByToken(HttpServletRequest request)  {
        String token = request.getHeader("token");
        DecodedJWT jwt = JWT.decode(token);
        return jwt.getClaim("number").asString();
    }

    public static String getPhoneByToken(HttpServletRequest request)  {
        String token = request.getHeader("token");
        DecodedJWT jwt = JWT.decode(token);
        return jwt.getClaim("phone").asString();
    }

}

